Team-Plu · orijoon98 · Mar 1, 2024 · Feb 16, 2024 · Feb 16, 2024 · Feb 16, 2024
diff --git a/plu-api/src/main/kotlin/com/th/plu/api/controller/auth/AuthController.kt b/plu-api/src/main/kotlin/com/th/plu/api/controller/auth/AuthController.kt
@@ -2,6 +2,7 @@ package com.th.plu.api.controller.auth
 
 import com.th.plu.api.controller.auth.dto.request.LoginRequestDto
 import com.th.plu.api.controller.auth.dto.request.SignupRequestDto
+import com.th.plu.api.controller.auth.dto.request.TokenRequestDto
 import com.th.plu.api.controller.auth.dto.response.TokenResponseDto
 import com.th.plu.api.service.auth.AuthServiceProvider
 import com.th.plu.api.service.auth.TokenService
@@ -41,4 +42,10 @@ class AuthController(
         val tokenInfo = tokenService.createTokenInfo(memberId)
         return ApiResponse.success(tokenInfo)
     }
+
+    @Operation(summary = "토큰 갱신")
+    @PostMapping("/v1/auth/refresh")
+    fun reissue(@Valid @RequestBody request: TokenRequestDto): ApiResponse<TokenResponseDto> {
+        return ApiResponse.success(tokenService.reissueToken(request))
+    }
 }
diff --git a/plu-api/src/main/kotlin/com/th/plu/api/controller/auth/dto/request/TokenRequestDto.kt b/plu-api/src/main/kotlin/com/th/plu/api/controller/auth/dto/request/TokenRequestDto.kt
@@ -0,0 +1,15 @@
+package com.th.plu.api.controller.auth.dto.request
+
+import io.swagger.v3.oas.annotations.media.Schema
+import jakarta.validation.constraints.NotBlank
+
+data class TokenRequestDto(
+
+    @field:Schema(description = "토큰 - accessToken", example = "eyJhbGciOiJIUzUxMiJ9.udnKnDSK08EuX56E5k-")
+    @field:NotBlank(message = "accessToken 을 입력해주세요.")
+    val accessToken: String,
+
+    @field:Schema(description = "토큰 - refreshToken", example = "eyJhbGciOiJIUzUxMiJ9.udnKnDSK08EuX56E5k-")
+    @field:NotBlank(message = "refreshToken 을 입력해주세요.")
+    val refreshToken: String
+)
diff --git a/plu-api/src/main/kotlin/com/th/plu/api/service/auth/TokenService.kt b/plu-api/src/main/kotlin/com/th/plu/api/service/auth/TokenService.kt
@@ -1,17 +1,57 @@
 package com.th.plu.api.service.auth
 
+import com.th.plu.api.controller.auth.dto.request.TokenRequestDto
 import com.th.plu.api.controller.auth.dto.response.TokenResponseDto
+import com.th.plu.api.service.member.MemberServiceUtils
+import com.th.plu.common.constant.RedisKey
+import com.th.plu.common.exception.code.ErrorCode
+import com.th.plu.common.exception.model.UnauthorizedException
 import com.th.plu.common.util.JwtUtils
+import com.th.plu.domain.domain.member.repository.MemberRepository
+import org.springframework.data.redis.core.RedisTemplate
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 
 @Service
 class TokenService(
-    private val jwtUtils: JwtUtils
+    private val jwtUtils: JwtUtils,
+    private val memberRepository: MemberRepository,
+    private val redisTemplate: RedisTemplate<String, Any>
 ) {
     @Transactional
     fun createTokenInfo(memberId: Long): TokenResponseDto {
         val tokens: List<String> = jwtUtils.createTokenInfo(memberId)
         return TokenResponseDto(accessToken = tokens[0], refreshToken = tokens[1])
     }
+
+    @Transactional
+    fun reissueToken(request: TokenRequestDto): TokenResponseDto {
+        val memberId = jwtUtils.getMemberIdFromJwt(request.accessToken)
+        val member = MemberServiceUtils.findMemberById(memberRepository, memberId)
+        if (!jwtUtils.validateToken(request.refreshToken)) {
+            member.resetFcmToken()
+            throw UnauthorizedException(
+                ErrorCode.UNAUTHORIZED_EXCEPTION,
+                "주어진 리프레시 토큰 ${request.refreshToken} 이 유효하지 않습니다."
+            )
+        }
+        val refreshToken = redisTemplate.opsForValue().get(RedisKey.REFRESH_TOKEN + memberId) as String?
+        if (refreshToken == null) {
+            member.resetFcmToken()
+            throw UnauthorizedException(
+                ErrorCode.UNAUTHORIZED_EXCEPTION,
+                "이미 만료된 리프레시 토큰 ${request.refreshToken} 입니다."
+            )
+        }
+        if (refreshToken != request.refreshToken) {
+            jwtUtils.expireRefreshToken(member.id!!)
+            member.resetFcmToken()
+            throw UnauthorizedException(
+                ErrorCode.UNAUTHORIZED_EXCEPTION,
+                "해당 리프레시 토큰 ${request.refreshToken} 의 정보가 일치하지 않습니다."
+            )
+        }
+        val newTokens = jwtUtils.createTokenInfo(memberId)
+        return TokenResponseDto(accessToken = newTokens[0], refreshToken = newTokens[1])
+    }
 }
diff --git a/plu-api/src/main/kotlin/com/th/plu/api/service/member/MemberServiceUtils.kt b/plu-api/src/main/kotlin/com/th/plu/api/service/member/MemberServiceUtils.kt
@@ -19,6 +19,14 @@ class MemberServiceUtils {
             }
         }
 
+        fun findMemberById(
+            memberRepository: MemberRepository,
+            id: Long
+        ): Member {
+            return memberRepository.findMemberById(id)
+                ?: throw NotFoundException(ErrorCode.NOT_FOUND_MEMBER_EXCEPTION, "존재하지 않는 유저 $id 입니다")
+        }
+
         fun findMemberBySocialIdAndSocialType(
             memberRepository: MemberRepository,
             socialId: String,

diff --git a/plu-common/src/main/kotlin/com/th/plu/common/util/JwtUtils.kt b/plu-common/src/main/kotlin/com/th/plu/common/util/JwtUtils.kt
@@ -92,7 +92,8 @@ class JwtUtils(
     }
 
     fun getMemberIdFromJwt(accessToken: String): Long {
-        return parseClaims(accessToken).get(JwtKey.MEMBER_ID, Long::class.java)
+        val memberId = parseClaims(accessToken)[JwtKey.MEMBER_ID] as Int
+        return memberId.toLong()
     }
 
     private fun parseClaims(accessToken: String): Claims {

diff --git a/plu-domain/src/main/kotlin/com/th/plu/domain/domain/member/Member.kt b/plu-domain/src/main/kotlin/com/th/plu/domain/domain/member/Member.kt
@@ -24,8 +24,8 @@ class Member(
     @Enumerated(EnumType.STRING)
     var role: MemberRole,
 
-    @Column(name = "fcm_token", nullable = false, length = 300)
-    var fcmToken: String,
+    @Column(name = "fcm_token", nullable = true, length = 300)
+    var fcmToken: String?,
 
     @OneToOne(fetch = FetchType.LAZY, orphanRemoval = true, cascade = [CascadeType.ALL])
     @JoinColumn(name = "setting_id", nullable = false)
@@ -63,4 +63,8 @@ class Member(
     fun updateFcmToken(fcmToken: String) {
         this.fcmToken = fcmToken
     }
+
+    fun resetFcmToken() {
+        this.fcmToken = null
+    }
 }
diff --git a/plu-external/src/main/kotlin/com/th/plu/external/sqs/dto/FirebaseMessageDto.kt b/plu-external/src/main/kotlin/com/th/plu/external/sqs/dto/FirebaseMessageDto.kt
@@ -1,5 +1,5 @@
 package com.th.plu.external.sqs.dto
 
-data class FirebaseMessageDto(val type: MessageType, val fcmToken: String, val title: String, val body: String) :
+data class FirebaseMessageDto(val type: MessageType, val fcmToken: String?, val title: String, val body: String) :
     SqsMessageDto(type) {
 }